On Fri, Oct 24, 2008 at 05:39:17AM +0200, B. Vincent Diepeveen wrote:
.....
> Hi Joe,
>
> Thanks for your post. Very interesting to see all this. Especially the
> summary on what the
> hacker tried.
>
> Note I was quite amazed that you mentioned Rocks distribution getting
> used with you.
> A few weeks ago I grabbed latest Rocks with the idea to install it for my
> 1 node cluster.
> Both attempted with and without Quadrics QM400 card.
........
>
> Now you post here a big story on how your Rocks got hacked. Do I
> conclude it correctly the
> problem is that you ran a default Rocks kernel?

The issue is not a ROCKS issue, it is a Linux and system admin issue.

Recall that ROCKS is based on CentOS/RHEL and need have no more
and no less out-of-the-box security issues than they do.
Over time the list of patches for both grows and grows...
The subtle issue is one we all need to take to heart as we build
constraints into our environment and make changes to accommodate the
community needs. Then there are the foibles of users in general.
Each constraint keeps us from patching or updating one thing or another
and eventually opens a risk.
As Joe's blog notes, the hackers hacked their way into the system via
a valid account and then began a systematic attack of all the cracks
and hacks that they can get their hands on. The suite of tool kits is
relentless in that no attack or vector gets forgotten out on the net.
Great tools like ROCKS give a lot and also add some constraints
that over time may be a primary, secondary, .... or ....ary problem
in the dependency tree that opens the crack the hackers need.
In general the most common hacks depend on common user errors
to get them started.
--
T o m M i t c h e l l
Found me a new hat, now what?